[ Avaa Bypassed ]

Upload:

Command:

hmhc3928@18.119.127.177: ~ $ 
�
��^c@sdZddlZddlZddljZyddlTWnnXddlmZddlmZddlm	Z	ddlm
Z
dd	lmZdd
lmZdZ
dZdZd
dd��YZded�Zd�Zddd��YZd�ZdS(s>
classes and algorithms for the generation of SELinux policy.
i����N(t*i(t	refpolicy(tobjectmodel(taccess(t
interfaces(tmatching(tutiliitPolicyGeneratorcBs�eZdZdd�Zddd�Zed�Zed�Z	d�Z
d�Zdd�Zd	�Z
d
�Zd�Zd�Zd
�ZRS(s�Generate a reference policy module from access vectors.

    PolicyGenerator generates a new reference policy module
    or updates an existing module based on requested access
    in the form of access vectors.

    It generates allow rules and optionally module require
    statements and reference policy interfaces. By default
    only allow rules are generated. The methods .set_gen_refpol
    and .set_gen_requires turns on interface generation and
    requires generation respectively.

    PolicyGenerator can also optionally add comments explaining
    why a particular access was allowed based on the audit
    messages that generated the access. The access vectors
    passed in must have the .audit_msgs field set correctly
    and .explain set to SHORT|LONG_EXPLANATION to enable this
    feature.

    The module created by PolicyGenerator can be passed to
    output.ModuleWriter to output a text representation.
    cCs[d|_t|_t|_|r-||_ntj�|_	t|_
d|_d|_dS(s�Initialize a PolicyGenerator with an optional
        existing module.

        If the module paramater is not None then access
        will be added to the passed in module. Otherwise
        a new reference policy module will be created.
        N(
tNonetifgentNO_EXPLANATIONtexplaintFalsetgen_requirestmoduelRtModuletmodulet	dontauditt	mislabledtdomains(tselfR((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyt__init__Ds					cCs;|r$t||�|_t|_n	d|_|j�dS(s?Set whether reference policy interfaces are generated.

        To turn on interface generation pass in an interface set
        to use for interface generation. To turn off interface
        generation pass in None.

        If interface generation is enabled requires generation
        will also be enabled.
        N(tInterfaceGeneratorR	tTrueR
Rt"_PolicyGenerator__set_module_style(Rtif_sett	perm_maps((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pytset_gen_refpolXs

	cCs
||_dS(s&Set whether module requires are generated.

        Passing in true will turn on requires generation and
        False will disable generation. If requires generation is
        disabled interface generation will also be disabled and
        can only be re-enabled via .set_gen_refpol.
        N(R
(Rtstatus((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pytset_gen_requiresjscCs
||_dS(s)Set whether access is explained.
        N(R(RR((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pytset_gen_explaintscCs
||_dS(N(R(RR((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pytset_gen_dontaudityscCs?|jrt}nt}x |jj�D]}||_q(WdS(N(R	RRRtmodule_declarationsR(RRtmod((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyt__set_module_style|s
		s1.0cCs�d}x|jj�D]}|}qW|sQtj�}|jjjd|�n||_||_|j	rxt
|_n	t|_dS(s?Set the name of the module and optionally the version.
        iN(RRR RtModuleDeclarationtchildrentinserttnametversionR	RR(RR&R'tmR!((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pytset_module_name�s
			cCs |jrt|j�n|jS(N(R
R(R((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyt
get_module�s	cCsyddl}yL|j|jd�}|djd�d}||jkrW||_dSWntk
rknXd|_dS(Ni����iit:i(tselinuxtmatchpathcontobj_pathtsplitttgt_typeRtOSErrorR(RtavR,tcontextR/((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyt__restore_label�s	
cCs&x|D]}tj|�}|jr4|j|_nd|_|jrpttjt	|d|j���|_n|j
�}|ddkr�|jtj
kr�|jddj|d�7_nx9|jD].}|dks�|dkr�t}Pq�t}q�W|ddk	r�|ddkr�|r�|jtj
kr�|jtkrMd}nd}|jd	dj|d
�dj|d�dj|d�f7_|jdkr�|jddj|d�dj|j�dj|�dj|j�f7_q�n|j|�|jdk	rZ|jtj
krZ|jddj|j�dj|j�f7_n|jtj
kr~|jd
7_n|jtjkr�|jd7_n|jtjkr#t|j�dkr|jddjg|jD]}|d^q��7_q#|jd|jdd7_n|jtjkr�|jd7_|jd7_|jd|jd7_x+|jdD]}	|jd|	7_q{Wnyf|jtjkrd|jkrd|jks�d|jkr|jsttdd�dd|_ng}
xngt t
gi|j!t"6|jt#6|jt$6�D]}|t%^q@D]%}||jkrT|
j&|�qTqTWt|
�dkr�|jd|j!|jdj|
�f7_qt|
�dkr|jd|j!|jdj|
�f7_qnWnnX|j'j(j&|�qWdS(Ntt	verbosityis$
#!!!! WARNING: '%s' is a base type.itwritetcreates(/.*?)sU
#!!!! WARNING '%s' is not allowed to write or create to %s.  Change the label to %s.isG
#!!!! $ semanage fcontext -a -t %s %s%s   
#!!!! $ restorecon -R -v %ssY
#!!!! The file '%s' is mislabeled on your system.  
#!!!! Fix with $ restorecon -R -v %ss0
#!!!! This avc is allowed in the current policys:
#!!!! This avc has a dontaudit rule in the current policysH
#!!!! This avc can be allowed using one of the these booleans:
#     %ss, s5
#!!!! This avc can be allowed using the boolean '%s's�
#!!!! This avc is a constraint violation.  You would need to modify the attributes of either the source or target types to allow this access.s
#Constraint rule: s
#	s?
#	Possible cause is the source %s and target %s are different.tdirtopenR&tdomainttypessL
#!!!! The source type '%s' can write to a '%s' of the following type:
# %s
sM
#!!!! The source type '%s' can write to a '%s' of the following types:
# %s
()RtAVRuleRt	DONTAUDITt	rule_typetcommentRtstrtCommenttexplain_accesstbase_file_typettypet	audit2whytALLOWtjointpermsRRRt	obj_classR9R.t_PolicyGenerator__restore_labelRtBOOLEANtlentdatat
CONSTRAINTtTERULERtseinfot	ATTRIBUTEtsesearchtsrc_typetSCONTEXTtCLASStPERMStTCONTEXTtappendRR$(RtavsR2trulet	base_typetpermt
permissiontcomptxtreasonR<ti((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyt__add_allow_rules�sr
			*"#
 	CS
!49!	 N.5cCsT|jr=|jj||j�\}}|jjj|�n|}|j|�dS(sJAdd the access from the access vector set to this
        module.
        N(R	tgenRRR$textendt!_PolicyGenerator__add_allow_rules(Rtav_sett	raw_allowtifcalls((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyt
add_access�s
		cCs(x!|D]}|jjj|�qWdS(N(RR$RY(Rt
role_type_sett	role_type((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pytadd_role_typess
N(t__name__t
__module__t__doc__RRRRRtSHORT_EXPLANATIONRRRR)R*RKRfRjRm(((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyR-s
					J	c	s�g���fd�}|tkr�x�|jD]�}�jd|j��jdt|j�t|j�f��jd|jtj	|j
�f��jd|j|j|j
f��jtjd|jddd	d
dd��q.W|�n�|r�jd
|j|j|j|jj�f�t|j�dkru|jd}�jd|j|j|j
f�n|�n�S(s�Explain why a policy statement was generated.

    Return a string containing a text explanation of
    why a policy statement was generated. The string is
    commented and wrapped and can be directly inserted
    into a policy.

    Params:
      av - access vector representing the access. Should
       have .audit_msgs set appropriately.
      verbosity - the amount of explanation provided. Should
       be set to NO_EXPLANATION, SHORT_EXPLANATION, or
       LONG_EXPLANATION.
    Returns:
      list of strings - strings explaining the access or an empty
       string if verbosity=NO_EXPLANATION or there is not sufficient
       information to provide an explanation.
    csg�s
dS�jd�xI�j�D];}t|j�j�}�jd|j�|jf�q$WdS(Ns Interface options:s   %s # [%d](RYtalltcall_interfacet	interfaceR2t	to_stringtdist(tmatchtifcall(tmlts(s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pytexplain_interfacess
s %ss  scontext="%s" tcontext="%s"s  class="%s" perms="%s"s  comm="%s" exe="%s" path="%s"s	message="t"iPtinitial_indents  tsubsequent_indents   s) src="%s" tgt="%s" class="%s", perms="%s"is comm="%s" exe="%s" path="%s"(tLONG_EXPLANATIONt
audit_msgsRYtheaderRAtscontextttcontextttclassRtlist_to_space_strtaccessestcommtexetpathRettextwraptwraptmessageRTR0RJRItto_space_strRM(R2RyR6R{tmsg((RyRzs8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyRC	s*	 	#&
	&
&
cCs+g}g}|j|jj��|jdd�dt�tj�}|j|_x�t	t
|��D]�}||jtjkr�|j
j|j�qf||jtjkr�|j
j|j�qf||jtjkr�|j
j|j�qf||jGHdsft�qfWt
|j
�dks't�|S(NtkeycSs|jS(N(tnum(tparam((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyt<lambda>Estreversei(RetparamstvaluestsortRRt
InterfaceCallR&tifnametrangeRMREtSRC_TYPEtargsRYRTtTGT_TYPER0t	OBJ_CLASSRJtAssertionError(RtR2R�R�RxRb((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyRs@s"RcBs/eZdd�Zd�Zd�Zd�ZRS(cCs5||_|j|�tj|�|_g|_dS(N(tifsthack_check_ifsRt
AccessMatchertmatchertcalls(RR�R((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyRZs	
cCs�x�|jj�D]�}g}|j|jj��|jdd�dt�xptt|��D]\}|d||jkr�t	|_
Pn||jtj
tjtjgkr^t	|_
Pq^q^WqWdS(NR�cSs|jS(N(R�(R�((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyR�hsR�i(RR�ReR�R�RR�RMR�RtenabledRERR�R�R�(RR�R`R�Rb((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyR�`s		cCs|j|�}g}xi|jD]^}t|j�j|j�}|rjtjt|j||��|_	n|j
||f�qWg}x�|D]y\}}t}	xN|D]F}
|
j|�r�|
j	r�|j	r�|
j	j
|j	�nt}	q�q�W|	s�|j
|�q�q�W||fS(N(RwR�RstbestRtR2RRBRCR@RYRtmatchestmergeR(RRZR6traw_avRiRyRxtdR�tfoundto_ifcall((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyRdws$$

cCslg}x_|D]W}tj�}|jj|j||�t|�rW|jj|�q
|j|�q
W|S(N(Rt	MatchListR�t
search_ifsR�RMR�RY(RRZR�R2tans((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyRw�s
N(RnRoRRR�RdRw(((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyRYs		cCs.d�}x|j�D]}||�qWdS(s*Add require statements to the module.
    cSstj�}xa|j�D]S}|jj|j�|jj|j�x$|jD]}|j||j	�qOWqWx8|j
�D]*}x!|jD]}|jj|�q�Wq}Wx:|j
�D],}|jj|j�|jj|j�q�W|jjd�|jjd|�dS(NRi(RtRequiretavrulesR<tupdatet	src_typest	tgt_typestobj_classest
add_obj_classRItinterface_callsR�taddt
role_typestrolestroletdiscardR$R%(tnodetrtavruletobjRxtargRl((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pytcollect_requires�sN(tnodes(RR�R�((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyR
�s	(((Rpt	itertoolsR�tselinux.audit2whyRFtsetoolsR5RRRRRRR
RqRRRRCRsRR
(((s8/usr/lib64/python2.7/site-packages/sepolgen/policygen.pyt<module>s*�7	B

Filemanager

DIR : / usr/ lib64/ python2.7/ site-packages/ sepolgen/
Name Type Size Permission Actions
.__init__.pyo.40009 File 142 B 0644
.access.pyo.40009 File 13.18 KB 0644
.audit.pyo.40009 File 22.33 KB 0644
.classperms.pyo.40009 File 3.16 KB 0644
.defaults.pyo.40009 File 2.87 KB 0644
.interfaces.pyo.40009 File 15.86 KB 0644
.lex.pyo.40009 File 19.24 KB 0644
.matching.pyo.40009 File 7.4 KB 0644
.module.pyo.40009 File 8.4 KB 0644
.objectmodel.pyo.40009 File 4.64 KB 0644
.output.pyo.40009 File 4.51 KB 0644
.refparser.pyo.40009 File 36.27 KB 0644
.refpolicy.pyo.40009 File 46.45 KB 0644
.sepolgeni18n.pyo.40009 File 410 B 0644
.util.pyo.40009 File 7.87 KB 0644
.yacc.pyo.40009 File 41.4 KB 0644
__init__.py File 0 B 0644
__init__.pyc File 142 B 0644
__init__.pyo File 142 B 0644
access.py File 12.33 KB 0644
access.pyc File 13.18 KB 0644
access.pyo File 13.18 KB 0644
audit.py File 23.64 KB 0644
audit.pyc File 22.33 KB 0644
audit.pyo File 22.33 KB 0644
classperms.py File 2.75 KB 0644
classperms.pyc File 3.16 KB 0644
classperms.pyo File 3.16 KB 0644
defaults.py File 2.69 KB 0644
defaults.pyc File 2.87 KB 0644
defaults.pyo File 2.87 KB 0644
interfaces.py File 16.21 KB 0644
interfaces.pyc File 15.86 KB 0644
interfaces.pyo File 15.86 KB 0644
lex.py File 32.86 KB 0644
lex.pyc File 19.24 KB 0644
lex.pyo File 19.24 KB 0644
matching.py File 8.45 KB 0644
matching.pyc File 7.4 KB 0644
matching.pyo File 7.4 KB 0644
module.py File 7.12 KB 0644
module.pyc File 8.4 KB 0644
module.pyo File 8.4 KB 0644
objectmodel.py File 6.37 KB 0644
objectmodel.pyc File 4.64 KB 0644
objectmodel.pyo File 4.64 KB 0644
output.py File 5.01 KB 0644
output.pyc File 4.51 KB 0644
output.pyo File 4.51 KB 0644
policygen.py File 16.31 KB 0644
policygen.pyc File 15.25 KB 0644
policygen.pyo File 15.18 KB 0644
refparser.py File 30.2 KB 0644
refparser.pyc File 36.27 KB 0644
refparser.pyo File 36.27 KB 0644
refpolicy.py File 27.31 KB 0644
refpolicy.pyc File 46.45 KB 0644
refpolicy.pyo File 46.45 KB 0644
sepolgeni18n.py File 912 B 0644
sepolgeni18n.pyc File 410 B 0644
sepolgeni18n.pyo File 410 B 0644
util.py File 5.41 KB 0644
util.pyc File 7.87 KB 0644
util.pyo File 7.87 KB 0644
yacc.py File 80.04 KB 0644
yacc.pyc File 41.4 KB 0644
yacc.pyo File 41.4 KB 0644